Skip to main content

Email encryption flaw gives hackers full access to your secret messages

Researchers at the Munster University of Applied Sciences discovered vulnerabilities in the Pretty Good Protection (PGP) and S/MIME technologies used to encrypt email. The problem resides in how email clients use these plug-ins to decrypt HTML-based emails. Individuals and companies are encouraged to disable PGP and/or S/MIME in their email clients for now and use a separate application for message encryption. 

Called EFAIL, the vulnerability abuses “active” content rendered within HTML-based emails, such as images, page styles, and other non-text content stored on a remote server. To successfully carry out an attack, the hacker must first have the encrypted email in possession, whether it’s through eavesdropping, hacking into an email server, and so on. 

Related Videos

The first attack method is called “Direct Exfiltration” and abuses vulnerabilities in Apple Mail, iOS Mail, and Mozilla Thunderbird. An attacker creates an HTML-based email comprising of three parts: the start of an image request tag, the “stolen” PGP or S/MIME ciphertext, and the end of an image request tag. The attacker then sends this revised email to the victim. 

On the victim’s end, the email client first decrypts the second part and then combines all three into one email. It then converts everything into an URL form starting with the hacker’s address and sends a request to that URL to retrieve the nonexistent image. The hacker receives the image request, which contains the entire decrypted message. 

The second method is called the “CBC/CFB Gadget Attack,” which resides within the PGP and S/MIME specifications, affecting all email clients. In this case, the attacker locates the first block of encrypted plaintext in the stolen email and adds a fake block filled with zeroes. The attacker then injects image tags into the encrypted plaintext, creating a single encrypted body part. When the victim’s client opens the message, the plaintext is exposed to the hacker. 

Ultimately, if you don’t use PGP or S/MIME for email encryption, then there’s nothing to worry about. But individuals, companies, and corporations who use these technologies on a daily basis are advised to disable related plugins and use a third-party client to encrypt emails, such as Signal (iOS, Android). And because EFAIL relies on HTML-based emails, disabling HTML rendering is also advised for now. 

“This vulnerability might be used to decrypt the contents of encrypted emails sent in the past. Having used PGP since 1993, this sounds baaad (sic),” F-Secure’s Mikko Hypponen wrote in a tweet. He later said that people use encryption for a reason: Business secrets, confidential information, and more.  

According to the researchers, “some” email client developers are already working on patches that either eliminates EFAIL altogether or makes the exploits harder to accomplish. They say the PGP and S/MIME standards need an update, but that “will take some time.” The full technical paper can be read here. 

The problem was first leaked by the Süddeutschen Zeitun newspaper prior to the scheduled news embargo. After the EFF contacted the researchers to confirm the vulnerabilities, the researchers were forced to release the technical paper prematurely.

Editors' Recommendations

Your browser might be filling in hidden fields and giving away your secrets
A hand on a laptop in a dark surrounding.

It seems like you can't go online lately without running into a new way to get infected with malware or have your identity stolen. And sometimes, it seems like there's nothing you can do to avoid exposing yourself to trouble.

One of the more difficult traps to avoid is a phishing site, which presents itself as a legitimate page while requesting account and other sensitive information. Now, there's apparently a browser vulnerability that can enter information on phishing sites without your knowledge and without your needing to do a thing, as ZDNet reports.

Read more
France and Germany push for an EU-wide law to allow access to encrypted messages
france germany encryption access bernard cazeneuve

Ministers from France and Germany are coming down hard on the use of encryption in criminal and terrorist investigations. The two countries are pushing for an EU-wide law that would compel companies and operators to decrypt suspects’ messages.

The push against robust encryption mirrors the ongoing debate in the United States, where law enforcement like the FBI has clashed with Apple over access to encrypted iPhones.

Read more
Trance music hides secret messages in new encryption technique
best dance songs

Next time you find yourself dancing to trance music in a club, listen carefully to the tempo -- it may be sending you a message. And no, this message is not speaking to your heart, it actually is a new form of cryptography called "StegIbiza" that hides a message inside this unique form of trance music. In this latest breakthrough, Krzysztof Szczypiorski at the Warsaw University of Technology in Poland has advanced the musical form of cryptography by developing a technique that embeds secret messages into trance music.

Hidings secret messages within a body of work, such as a musical composition, is nothing new -- people have been using the technique of steganography since the 16th century, when Benedictine monk Johannes Trithemius hid his treatise on cryptography within a book about magic. Since then the discipline has improved immensely with researchers now encoding messages inside the digital music.

Read more